461 matches found
CVE-2025-22110 netfilter: nfnetlink_queue: Initialize ctx to avoid memory allocation error
In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlinkqueue: Initialize ctx to avoid memory allocation error It is possible that ctx in nfqnlbuildpacketmessage could be used before it is properly initialize, which is only initialized by nfqnlgetsksecctx. This pat...
CVE-2025-22110
In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlinkqueue: Initialize ctx to avoid memory allocation error It is possible that ctx in nfqnlbuildpacketmessage could be used before it is properly initialize, which is only initialized by nfqnlgetsksecctx. This pat...
CVE-2025-22110 netfilter: nfnetlink_queue: Initialize ctx to avoid memory allocation error
In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlinkqueue: Initialize ctx to avoid memory allocation error It is possible that ctx in nfqnlbuildpacketmessage could be used before it is properly initialize, which is only initialized by nfqnlgetsksecctx. This pat...
PT-2025-25790
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak issue has been identified in the Linux kernel, specifically in the dmaengine: idxd component. The problem occurs when an error happens during the idxd alloc function, causi...
CVE-2025-21974 eth: bnxt: return fail if interface is down in bnxt_queue_mem_alloc()
In the Linux kernel, the following vulnerability has been resolved: eth: bnxt: return fail if interface is down in bnxtqueuememalloc The bnxtqueuememalloc is called to allocate new queue memory when a queue is restarted. It internally accesses rx buffer descriptor corresponding to the index. The ...
CVE-2025-21974
In the Linux kernel, the following vulnerability has been resolved: eth: bnxt: return fail if interface is down in bnxtqueuememalloc The bnxtqueuememalloc is called to allocate new queue memory when a queue is restarted. It internally accesses rx buffer descriptor corresponding to the index. The ...
CVE-2023-52942 cgroup/cpuset: Fix wrong check in update_parent_subparts_cpumask()
In the Linux kernel, the following vulnerability has been resolved: cgroup/cpuset: Fix wrong check in updateparentsubpartscpumask It was found that the check to see if a partition could use up all the cpus from the parent cpuset in updateparentsubpartscpumask was incorrect. As a result, it is...
CVE-2023-52942
CVE-2023-52942 affects the Linux kernel’s cgroup/cpuset subsystem. The root cause was an incorrect check in update_parent_subparts_cpumask() that could allow a parent cpuset to be left with no effective CPUs even when there are tasks in it, potentially causing a system panic. The fix alters the e...
ALPINE-CVE-2025-27810
Mbed TLS before 2.28.10 and 3.x before 3.6.3, in some cases of failed memory allocation or hardware errors, uses uninitialized stack memory to compose the TLS Finished message, potentially leading to authentication bypasses such as replays...
net: fec: handle page_pool_dev_alloc_pages error
...
PT-2025-20503
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A vulnerability in the Linux kernel has been resolved. The issue is related to error handling in the amd powerplay create function, specifically when amdgpu cgs create device fails. To...
UBUNTU-CVE-2024-58085
In the Linux kernel, the following vulnerability has been resolved: tomoyo: don't emit warning in tomoyowritecontrol syzbot is reporting too large allocation warning at tomoyowritecontrol, for one can write a very very long line without new line character. To fix this warning, I use GFPNOWARN...
CVE-2024-58056
In the Linux kernel, the following vulnerability has been resolved: remoteproc: core: Fix idafree call while not allocated In the rprocalloc function, on error, putdevice&rproc-dev is called, leading to the call of the rproctyperelease function. An error can occurs before idaalloc is called. In...
DEBIAN-CVE-2024-58056
In the Linux kernel, the following vulnerability has been resolved: remoteproc: core: Fix idafree call while not allocated In the rprocalloc function, on error, putdevice&rproc-dev is called, leading to the call of the rproctyperelease function. An error can occurs before idaalloc is called. In...
Linux Distros Unpatched Vulnerability : CVE-2024-56681
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - crypto: bcm - add error check in the ahashhmacinit function The ahashinit functions may return fails. The ahashhmacinit should not return ok when ahashinit...
Linux Distros Unpatched Vulnerability : CVE-2025-21676
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: net: fec: handle pagepooldevallocpages error The fecenetupdatecbd function calls...
Linux Distros Unpatched Vulnerability : CVE-2022-48659
"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mm/slub: fix to return errno if kmalloc fails In createuniqueid, kmalloc, GFPKERNEL can fail due to out-of-memory, if it fails, return errno correctly rather...
Linux Distros Unpatched Vulnerability : CVE-2023-38429
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in the Linux kernel before 6.3.4. fs/ksmbd/connection.c in ksmbd has an off-by-one error in memory allocation because of...
Linux Distros Unpatched Vulnerability : CVE-2017-8834
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The crtknzrparsecomment function in cr-tknzr.c in libcroco 0.6.12 allows remote attackers to cause a denial of service memory allocation error via a crafted CSS...
Linux Distros Unpatched Vulnerability : CVE-2013-7023
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The ffcombineframe function in libavcodec/parser.c in FFmpeg before 2.1 does not properly handle certain memory-allocation errors, which allows remote attackers...